redcanary.com Open in urlscan Pro
104.198.136.223  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

• https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID HTTP 302
• https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dredcanary.com%2526pId%253d%2524UID HTTP 302
• https://attr.ml-api.io/?domain=redcanary.com&pId=8961757327745448092

Request Chain 66

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1727795835840&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&tm=gtmv2 HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1727795835840&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&tm=gtmv2&e_ipv6=AQJMX4sFALHkRgAAAZJIqDQbO0L8pP5Rqy3lGEORxjYL5dsYf7Jm2EXdR0zi4l_GQdPv0d4PwPEuOiooFFRGH1BTqBqW

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response redcanary.com/threat-detection-report/midyear-update/	364 KB 60 KB	554ms 271ms	Document text/html	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / WP Engine Resource Hash cdb07455fef717a5f1796647d149687880cec44cb9c3c8ef15c3bb2669c4f4b0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control max-age=600, must-revalidate content-encoding br content-security-policy upgrade-insecure-requests content-type text/html; charset=UTF-8 date Tue, 01 Oct 2024 15:17:14 GMT feature-policy microphone 'none'; geolocation 'none' link <https://redcanary.com/?p=38005>; rel=shortlink referrer-policy strict-origin-when-cross-origin server nginx strict-transport-security "max-age=63072000; includeSubDomains; preload"; vary Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding x-cache HIT: 1 x-cache-group normal x-cacheable SHORT x-content-type-options nosniff x-frame-options deny x-permitted-cross-domain-policies master-only x-powered-by WP Engine x-xss-protection 1; mode=block
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	22 KB 8 KB	111ms 57ms	Script application/javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 872d4e2ae170a25a803a61b0dde9fe4ce7ae5b80bd59e333eb139161ec22e495 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 jDFunkBoRQZ82jkCSA3wow== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCE0F4E3319C89 x-ms-lease-status unlocked cf-cache-status HIT age 27217 x-content-type-options nosniff date Tue, 01 Oct 2024 15:17:15 GMT content-type application/javascript last-modified Mon, 30 Sep 2024 02:09:16 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 61d33504-d01e-0041-2269-13bb99000000 cf-ray 8cbd6b20a9e99213-FRA accept-ranges bytes access-control-allow-origin * content-length 7220 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.1/	88 KB 31 KB	89ms 24ms	Script text/javascript	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-encoding gzip age 25204 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Wed, 01 Oct 2025 08:17:10 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 08:17:10 GMT last-modified Thu, 08 Sep 2022 18:15:00 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 31100 x-xss-protection 0 server sffe
GET H2	200	forms2.min.js Show response resource.redcanary.com/js/forms2/js/	199 KB 67 KB	98ms 36ms	Script application/x-javascript	104.17.70.206 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://resource.redcanary.com/js/forms2/js/forms2.min.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 104.17.70.206 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0423f69dc0e5f863d923e48c8c61298979b1c3fbdacbf6976d2b36f160bdea88 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control public, max-age=14400 content-encoding gzip cf-cache-status HIT etag "3321f43-31b30-61d9f4beb95c0" age 1268 x-content-type-options nosniff cf-ray 8cbd6b20bb5fdbb1-FRA expires Tue, 01 Oct 2024 19:17:15 GMT date Tue, 01 Oct 2024 15:17:15 GMT content-type application/x-javascript last-modified Fri, 19 Jul 2024 20:11:11 GMT vary Accept-Encoding server cloudflare
GET H2	200	bizible.js Show response cdn.bizible.com/scripts/	67 KB 25 KB	146ms 19ms	Script application/x-javascript	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67D4) / Resource Hash 46a86a5a2e80bb4527338d390d5eedc1f5a36a8f03a1e8830de32f628e9d5c38 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers strict-transport-security max-age=31536000; includeSub cache-control max-age=86400 content-encoding gzip etag "57b0e891d911db1:0" age 64905 accept-ranges bytes x-cache HIT content-length 25394 date Tue, 01 Oct 2024 15:17:15 GMT content-type application/x-javascript last-modified Sat, 28 Sep 2024 19:06:49 GMT server ECS (frb/67D4) vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	360 KB 113 KB	167ms 77ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 057d44d91386ed37443cf99dc8095e87d27e2bc624124a8ea5576dde01433d45 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 01 Oct 2024 15:17:15 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:15 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 115032 x-xss-protection 0 server Google Tag Manager
GET H2	200	qualified.js Show response js.qualified.com/	1010 KB 236 KB	144ms 54ms	Script text/javascript	104.18.16.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.qualified.com/qualified.js?token=bAEbi2aHVysBKzuy Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.16.5 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc2911e03bf30d58c3409a7b2092e6547a4d21c7bc0d3c5f84f8fe078f4c151e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers x-request-id 85dd61be-ee5b-4517-942d-d7df6f5caff5 content-encoding gzip cf-cache-status HIT etag W/"556d6bbbc842ec6f225c74c1ea483310" age 24029 x-permitted-cross-domain-policies none x-content-type-options nosniff expires Tue, 01 Oct 2024 19:17:15 GMT x-cache miss date Tue, 01 Oct 2024 15:17:15 GMT content-type text/javascript; charset=utf-8 vary Accept,Accept-Encoding x-runtime 0.037119 x-frame-options SAMEORIGIN strict-transport-security max-age=63072000; includeSubDomains cache-control public, max-age=14400 referrer-policy strict-origin-when-cross-origin x-download-options noopen cf-ray 8cbd6b223d3cd2b6-FRA x-xss-protection 1; mode=block server cloudflare
GET H3	200	jquery.matchHeight-min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/	3 KB 2 KB	76ms 40ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery.matchHeight/0.7.2/jquery.matchHeight-min.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "5eb03ec3-d34" age 3146456 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FP4RLqAxHKWNecm%2FyYk39NxaClLF8ASXwmJmNsqq73CA5%2FOpxaU0irb6SFtPV569GE99mGzoPMy3niL2jubO1gIMB9Q4C%2BXwe9Lyxx7G6AuGfSIQPnrdD2j8QFH1Y4Fk4OG5iOmdu%2F%2FAfmBHExPJwrGT"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Sun, 21 Sep 2025 15:17:14 GMT date Tue, 01 Oct 2024 15:17:14 GMT content-type application/javascript; charset=utf-8 last-modified Mon, 04 May 2020 16:11:47 GMT vary Accept-Encoding strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8cbd6b208ea318bd-FRA accept-ranges bytes access-control-allow-origin * content-length 1221 server cloudflare
GET H/1.1	200 OK	teknkl-formsplus-1.0.5.js Show response s3-us-west-2.amazonaws.com/s.cdpn.io/250687/	41 KB 41 KB	591ms 206ms	Script application/x-js	52.92.193.64 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3-us-west-2.amazonaws.com/s.cdpn.io/250687/teknkl-formsplus-1.0.5.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.92.193.64 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2.amazonaws.com Software AmazonS3 / Resource Hash 731fcb30d45f2e35aaa139a7a964410a7c2bcdbfbb48a837c9d56dec7cc3732f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers Cache-Control public ETag "bab0c2b3523f8244564b675fe34db610" x-amz-version-id OjXdZ5iYdmgpgEuq0ftytCBc_PO35ThO x-amz-request-id NEAHXM0KP4ES1JJ0 Accept-Ranges bytes Content-Length 41617 Date Tue, 01 Oct 2024 15:17:16 GMT Last-Modified Thu, 26 Apr 2018 08:20:46 GMT Content-Type application/x-js Server AmazonS3 x-amz-id-2 SNNzknfvVR6uFm2KScjiNIhtuaJqF5BqOXtMdqAHJFJw3N8MhND3XHKpOfJxvYzcrv1Q7TWp++0=
GET H2	200	autoptimize_7b38ca29273224c4ecb2a43fdd286ea7.js Show response redcanary.com/wp-content/cache/autoptimize/js/	262 KB 76 KB	145ms 136ms	Script application/javascript	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/cache/autoptimize/js/autoptimize_7b38ca29273224c4ecb2a43fdd286ea7.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 18b368af8e8679b39c6fbbdde36542f3fc345bc9230a35cd1bd06595c1e73608 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 content-encoding br etag W/"66e4526a-4165d" access-control-allow-origin * date Tue, 01 Oct 2024 15:17:15 GMT content-type application/javascript vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding server nginx last-modified Fri, 13 Sep 2024 14:55:38 GMT
GET H2	200	40393661-0639-4e13-9774-ba9e2ae459fa.json Show response cdn.cookielaw.org/consent/40393661-0639-4e13-9774-ba9e2ae459fa/	5 KB 2 KB	110ms 59ms	XHR application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/40393661-0639-4e13-9774-ba9e2ae459fa/40393661-0639-4e13-9774-ba9e2ae459fa.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccef64d3564e0e9649b029ad0117abb8f1a8504db767abeeca33de23b9a50844 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 YHyB5ZH80LGScBjDlihTlg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip cf-cache-status HIT etag 0x8DC58B5FDF46D79 age 79962 x-ms-lease-status unlocked x-content-type-options nosniff x-ms-version 2009-09-19 expires Wed, 02 Oct 2024 15:17:15 GMT date Tue, 01 Oct 2024 15:17:15 GMT content-type application/json last-modified Tue, 09 Apr 2024 16:56:25 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin, cross-origin x-ms-request-id a021cdb6-701e-0035-669e-8a5597000000 cf-ray 8cbd6b219d50381a-FRA accept-ranges bytes access-control-allow-origin * content-length 1766 x-ms-blob-type BlockBlob server cloudflare
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/	1 KB 1 KB	123ms 35ms	Script application/x-javascript	88.221.60.75 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-60-75.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers Content-Encoding gzip ETag "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763" Connection keep-alive Accept-Ranges bytes P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Length 729 Date Tue, 01 Oct 2024 15:17:15 GMT Content-Type application/x-javascript Last-Modified Fri, 17 Mar 2023 01:24:48 GMT Server AkamaiNetStorage Vary Accept-Encoding
GET H2	200	gtm.js Show response www.googletagmanager.com/	367 KB 119 KB	137ms 49ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d8ebdfb15f2b02a2739e82a5c4bc5ba89f04fd376e28b1c9e8bf82f4b0ea02f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Tue, 01 Oct 2024 15:17:15 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:15 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 15:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 120941 x-xss-protection 0 server Google Tag Manager
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	120ms 31ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700&display=swap Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2400a36b6ad539bf01612df2f0ae253d0928fcdd2e966b299af7e84111216651 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Tue, 01 Oct 2024 15:17:15 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:15 GMT content-type text/css; charset=utf-8 last-modified Tue, 01 Oct 2024 15:17:15 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	j.php Show response dev.visualwebsiteoptimizer.com/	29 KB 9 KB	131ms 34ms	XHR application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/j.php?a=906194&u=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&vn=2.1&x=true Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gfra2 / Resource Hash e8b42bcc4b44b4984db754cd5f6d0d209121eb1eb6d9d8e46be8a322c75752f1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control public, max-age=0, no-cache, must-revalidate timing-allow-origin * content-encoding gzip access-control-allow-credentials true via 1.1 google access-control-allow-origin https://redcanary.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:15 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding server gfra2
GET H2	200	autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css redcanary.com/wp-content/cache/autoptimize/css/	5 MB 250 KB	276ms 268ms	Stylesheet text/css	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 6438b16f2375488bf0208a69b27fe17b3119b1772be376966663f9014b7e14e6 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 content-encoding br etag W/"66e4526b-53ed07" access-control-allow-origin * date Tue, 01 Oct 2024 15:17:15 GMT content-type text/css vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding server nginx last-modified Fri, 13 Sep 2024 14:55:39 GMT
GET H2	200	5354.js Show response tracking.g2crowd.com/attribution_tracking/conversions/	2 KB 2 KB	150ms 66ms	Script text/javascript	2606:4700::6812:1fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tracking.g2crowd.com/attribution_tracking/conversions/5354.js?p=https://redcanary.com/threat-detection-report/midyear-update/&e= Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a19e8115a96e4c9737892a1f98f39b41834efbd191c01cd2236a0c3dd7d867f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-encoding br x-permitted-cross-domain-policies none x-content-type-options nosniff date Tue, 01 Oct 2024 15:17:15 GMT content-type text/javascript;charset=UTF-8 content-disposition inline vary Origin, Accept-Encoding x-frame-options SAMEORIGIN strict-transport-security max-age=15552000; includeSubDomains x-dns-prefetch-control off cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin referrer-policy no-referrer x-download-options noopen cf-ray 8cbd6b222feed399-FRA access-control-allow-origin * x-xss-protection 0 origin-agent-cluster ?1 server cloudflare
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6e0408f7fbaf5216b577287b7654be1388d933b9b41dbd95dc733d5b5020f67a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	64 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H2	200	tdr-sidenav-grain.png redcanary.com/wp-content/themes/redcanary/assets/img/	230 KB 231 KB	257ms 249ms	Image image/png	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://redcanary.com/wp-content/themes/redcanary/assets/img/tdr-sidenav-grain.png Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 3cf023f65b0756bbd15808ea4464febb7dde19426a49c5ea03555010b9a01813 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f0a8a3-3998b" accept-ranges bytes access-control-allow-origin * content-length 235915 date Tue, 01 Oct 2024 15:17:15 GMT content-type image/png last-modified Tue, 12 Mar 2024 19:10:27 GMT server nginx vary Accept-Encoding
GET H2	200	tdr-search-icon.svg redcanary.com/wp-content/themes/redcanary/assets/img/	773 B 726 B	255ms 249ms	Image image/svg+xml	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://redcanary.com/wp-content/themes/redcanary/assets/img/tdr-search-icon.svg Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 7bb26544c7c0d00e118860dc125c1bc943201bca5cf780804370732b39210d38 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 content-encoding br etag W/"64187eac-305" access-control-allow-origin * date Tue, 01 Oct 2024 15:17:15 GMT content-type image/svg+xml vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding server nginx last-modified Mon, 20 Mar 2023 15:41:32 GMT
GET H2	200	tdr-hero-canaries.png redcanary.com/wp-content/themes/redcanary/assets/img/	10 KB 10 KB	255ms 249ms	Image image/png	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://redcanary.com/wp-content/themes/redcanary/assets/img/tdr-hero-canaries.png Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 7481436346ad777435fe494e87a3d7fa9dc1251ab9a024d5305a90fcc0b44f8c Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "64187eab-27ad" accept-ranges bytes access-control-allow-origin * content-length 10157 date Tue, 01 Oct 2024 15:17:15 GMT content-type image/png last-modified Mon, 20 Mar 2023 15:41:31 GMT server nginx vary Accept-Encoding
GET H2	200	bullet-square.svg redcanary.com/wp-content/themes/redcanary/assets/img/	443 B 616 B	253ms 248ms	Image image/svg+xml	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://redcanary.com/wp-content/themes/redcanary/assets/img/bullet-square.svg Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 6217f642930c0d2411329fb00cf9a7e2e138a98f56eece6e82b3a7359f20cb11 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 content-encoding br etag W/"6123d0cf-1bb" access-control-allow-origin * date Tue, 01 Oct 2024 15:17:15 GMT content-type image/svg+xml vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding server nginx last-modified Mon, 23 Aug 2021 16:46:07 GMT
GET H2	200	globe-white-right.png redcanary.com/wp-content/themes/redcanary/assets/img/	259 KB 260 KB	254ms 248ms	Image image/png	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://redcanary.com/wp-content/themes/redcanary/assets/img/globe-white-right.png Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash d3d589e680bc49f54cb5721723fc2ec1a68d5e8ce3946db7192fb0d207e9b6cf Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "5c76b1ef-40da2" accept-ranges bytes access-control-allow-origin * content-length 265634 date Tue, 01 Oct 2024 15:17:15 GMT content-type image/png last-modified Wed, 27 Feb 2019 15:51:11 GMT server nginx vary Accept-Encoding
GET H2	200	CanarySans-Text-700.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	23 KB 23 KB	187ms 186ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Text-700.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 2920a21f3d5f1c34cc38823f2c4422d1a0d23cba63233e5e8c382852aa7ada7c Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f06305-5acc" accept-ranges bytes access-control-allow-origin * content-length 23244 date Tue, 01 Oct 2024 15:17:15 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:25 GMT server nginx vary Accept-Encoding
GET H2	200	CanarySans-Text-300.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	22 KB 23 KB	188ms 187ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Text-300.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 6a2fae6141cd3c337ae20368ec6c6d16bcd1774b42c9cf6ef2b79f4ce7a67710 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f06302-5998" accept-ranges bytes access-control-allow-origin * content-length 22936 date Tue, 01 Oct 2024 15:17:15 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:22 GMT server nginx vary Accept-Encoding
GET H2	200	CanarySans-Text-400.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	23 KB 23 KB	188ms 187ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Text-400.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 9a5b8f66f586ce4d9566503535595800d6d4c8b6e1651ab8b2fbf8f02819ef42 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f06303-5a48" accept-ranges bytes access-control-allow-origin * content-length 23112 date Tue, 01 Oct 2024 15:17:15 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:23 GMT server nginx vary Accept-Encoding
GET H2	200	CanarySans-Display-300.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	23 KB 23 KB	187ms 187ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Display-300.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 52ce30c1ca4a370f850fadf51868d1792a6e6a81f9488f67b993cc7d2921d187 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f062fb-5acc" accept-ranges bytes access-control-allow-origin * content-length 23244 date Tue, 01 Oct 2024 15:17:15 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:15 GMT server nginx vary Accept-Encoding
GET H2	200	CanarySans-Display-400.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	23 KB 23 KB	186ms 186ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Display-400.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash c8794253f4669bc181f3401651637f6a14f68ea3ffd1bd18a8e46abaac6308ac Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f062fc-5b10" accept-ranges bytes access-control-allow-origin * content-length 23312 date Tue, 01 Oct 2024 15:17:15 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:16 GMT server nginx vary Accept-Encoding
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 295 B	139ms 88ms	XHR application/json	2606:4700:4400::6812:2089 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 accept application/json Referer https://redcanary.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip access-control-allow-methods GET, OPTIONS cf-ray 8cbd6b228f7c35e1-FRA access-control-allow-origin * date Tue, 01 Oct 2024 15:17:15 GMT content-type application/json vary Accept-Encoding server cloudflare access-control-allow-headers Content-Type
GET H3	200	worker-77cb20d7fe5914aec487582c68e5ee25br.js Show response dev.visualwebsiteoptimizer.com/cdn/edrv/	266 KB 64 KB	65ms 39ms	XHR text/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/cdn/edrv/worker-77cb20d7fe5914aec487582c68e5ee25br.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software UploadServer / Resource Hash 6ea3868078290bccb9fb1c1020d4eab6f53cd2cb65b8ce0e6c89cd4fb5c65cdf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers x-goog-metageneration 1 content-encoding br x-goog-hash crc32c=UyKaog==, md5=7Pbmy/Qd1QexD3T+u+LR/Q== etag "ecf6e6cbf41dd507b10f74febbe2d1fd" age 57204 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 65960 date Mon, 30 Sep 2024 23:23:51 GMT last-modified Fri, 27 Sep 2024 14:20:18 GMT content-type text/javascript; charset=UTF-8 x-guploader-uploadid AD-8ljvSZoZMF-U9gMmEMNqubaH_O53gEwKwvmQAZiYLvOywfwvsEgVnI8-nFTTjEFWfS8RGaSX0c0awEw cdn_cache_status hit cache-control public, max-age=31536000 x-goog-storage-class STANDARD accept-ranges bytes access-control-allow-origin * x-goog-generation 1727446818479495 content-length 65960 content-language en server UploadServer
GET H3	200	va_gq-e7fa93e800dbd345e23dc051ec222f7abr.js Show response dev.visualwebsiteoptimizer.com/cdn/edrv/	278 KB 72 KB	49ms 24ms	XHR text/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/cdn/edrv/va_gq-e7fa93e800dbd345e23dc051ec222f7abr.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software UploadServer / Resource Hash 766d47c5dae060ace22799183d3d74a04e296225ba6a408e6e82cca3a923d7a2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers x-goog-metageneration 1 content-encoding br x-goog-hash crc32c=/ufclQ==, md5=tvQw8YHp2MmXTMvgr5Dtdw== etag "b6f430f181e9d8c9974ccbe0af90ed77" age 57446 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 74023 date Mon, 30 Sep 2024 23:19:49 GMT last-modified Fri, 27 Sep 2024 14:20:45 GMT content-type text/javascript; charset=UTF-8 x-guploader-uploadid AD-8ljtcJQlU_3px0W6Ys1o4aETQubZPy15hB-1fAR9YL4owMbOTU4kppwa1OfDt83vN57SWOyaYArwSRg cdn_cache_status hit cache-control public, max-age=31536000 x-goog-storage-class STANDARD accept-ranges bytes access-control-allow-origin * x-goog-generation 1727446845499273 content-length 74023 content-language en server UploadServer
GET H2	200	v.gif dev.visualwebsiteoptimizer.com/	35 B 146 B	115ms 114ms	Image image/gif	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=906194&d=redcanary.com&u=DFCBF3B25D2F2642641520CB20976882D&h=467f24f504e00591f66850308976b3e9&t=false Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gnv03c / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control public, max-age=43200 x-content-type-options nosniff via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 date Tue, 01 Oct 2024 15:17:15 GMT content-type image/gif server gnv03c
GET H3	200	6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	15 KB 15 KB	82ms 47ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://fonts.googleapis.com/ Response headers age 62155 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Tue, 30 Sep 2025 22:01:20 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 30 Sep 2024 22:01:20 GMT last-modified Thu, 01 Jun 2023 22:52:56 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 14892 x-xss-protection 0 server sffe
GET H3	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	14 KB 14 KB	74ms 39ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://fonts.googleapis.com/ Response headers age 25832 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 01 Oct 2025 08:06:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 08:06:43 GMT last-modified Thu, 01 Jun 2023 22:52:57 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 14712 x-xss-protection 0 server sffe
GET H3	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v22/	14 KB 14 KB	62ms 27ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://fonts.googleapis.com/ Response headers age 25686 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 01 Oct 2025 08:09:09 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 08:09:09 GMT last-modified Thu, 01 Jun 2023 22:52:58 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 14780 x-xss-protection 0 server sffe
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/163/	11 KB 5 KB	26ms 24ms	Script application/x-javascript	88.221.60.75 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/163/munchkin.js Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/munchkin.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a88-221-60-75.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers Cache-Control max-age=8640000 Content-Encoding gzip ETag "ea7826f34518d7c2295738f39c7640fa:1672972000.238769" Connection keep-alive Expires Thu, 09 Jan 2025 15:17:15 GMT Accept-Ranges bytes P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Content-Length 4741 Date Tue, 01 Oct 2024 15:17:15 GMT Content-Type application/x-javascript Last-Modified Fri, 06 Jan 2023 02:26:40 GMT Server AkamaiNetStorage Vary Accept-Encoding
POST H2	200	assign tracking.g2crowd.com/attribution_tracking/conversions/	0 0	142ms 140ms	Ping text/html	2606:4700::6812:1fb0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tracking.g2crowd.com/attribution_tracking/conversions/assign Requested by Host: tracking.g2crowd.com URL: https://tracking.g2crowd.com/attribution_tracking/conversions/5354.js?p=https://redcanary.com/threat-detection-report/midyear-update/&e= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1fb0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundary238ShzrpmrayzPC1 Referer https://redcanary.com/ Response headers
POST H/1.1	200 OK	visitWebPage 003-yru-314.mktoresp.com/webevents/	2 B 318 B	996ms 170ms	Ping text/plain	192.28.147.68 OMNITURE
General Check archive.org Show headers Download Go to Full URL https://003-yru-314.mktoresp.com/webevents/visitWebPage?_mchNc=1727795835326&_mchCn=&_mchId=003-YRU-314&_mchTk=_mch-redcanary.com-1727795835325-26601&_mchHo=redcanary.com&_mchPo=&_mchRu=%2Fthreat-detection-report%2Fmidyear-update%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp= Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/163/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 192.28.147.68 , United States, ASN15224 (OMNITURE, US), Reverse DNS Software nginx/1.20.1 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers Transfer-Encoding chunked X-Request-Id 7fc77597-f450-4768-bc07-20ff64f1f3a6 Content-Encoding gzip Connection keep-alive Access-Control-Allow-Origin * Date Tue, 01 Oct 2024 15:17:16 GMT Content-Type text/plain; charset=UTF-8 Server nginx/1.20.1
GET H2	200	destination Show response www.googletagmanager.com/gtag/	275 KB 95 KB	40ms 39ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-759876114&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f7e376583b3279fe9c05115e9b28e53b5de76547a8b790745bc500d8c44a333c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],} expires Tue, 01 Oct 2024 15:17:15 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:15 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Tue, 01 Oct 2024 15:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 96514 x-xss-protection 0 server Google Tag Manager
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	120ms 24ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers vary Accept-Encoding,Host cache-control no-cache content-encoding gzip etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip" accept-ranges bytes x-cache HIT, HIT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" content-length 15412 date Tue, 01 Oct 2024 15:17:15 GMT x-tw-cdn FT last-modified Fri, 22 Mar 2024 21:07:24 GMT content-type application/javascript; charset=utf-8 x-served-by cache-iad-kiad7000168-IAD, cache-fra-etou8220134-FRA x-amz-server-side-encryption AES256
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	42 KB 13 KB	122ms 23ms	Script application/javascript	2a04:4e42:400::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 1593b1f5bf86a2bec3f93142409030a64591d1b6415faaedd0c251dd924d0288 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control public, max-age=60 nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} content-encoding gzip etag "bed9b675380c07edc84c03d0f362b192" report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} via 1.1 varnish, 1.1 varnish accept-ranges bytes content-length 12103 date Tue, 01 Oct 2024 15:17:15 GMT last-modified Mon, 23 Sep 2024 17:14:22 GMT content-type application/javascript vary Accept-Encoding,Origin server snooserv x-amz-server-side-encryption AES256
GET H2	200	bat.js Show response bat.bing.com/	49 KB 15 KB	155ms 47ms	Script application/javascript	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding gzip etag "803483b3aaadb1:0" accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 9611526BE30D42D7B1FDB71385310766 Ref B: FRA31EDGE0711 Ref C: 2024-10-01T15:17:15Z accept-ranges bytes x-cache CONFIG_NOCACHE content-length 14402 date Tue, 01 Oct 2024 15:17:15 GMT content-type application/javascript last-modified Thu, 19 Sep 2024 15:43:41 GMT vary Accept-Encoding
GET H3	410	9416.js script.crazyegg.com/pages/scripts/0096/	0 0	89ms 39ms	Script application/javascript	2606:4700::6813:9408 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0096/9416.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control public, max-age=86400, s-maxage=86400 cf-cache-status HIT age 82087 cf-ray 8cbd6b239dd19a2f-FRA access-control-allow-origin * content-length 0 date Tue, 01 Oct 2024 15:17:15 GMT content-type application/javascript last-modified Mon, 30 Sep 2024 16:29:08 GMT vary Accept-Encoding server cloudflare
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	40 KB 14 KB	133ms 38ms	Script application/javascript	2a02:26f0:3500:10::210:a9a AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=30436 content-encoding gzip x-cdn AKAM x-content-type-options nosniff accept-ranges bytes content-length 14628 date Tue, 01 Oct 2024 15:17:15 GMT last-modified Thu, 22 Aug 2024 10:43:55 GMT content-type application/javascript;charset=utf-8 vary Accept-Encoding x-amz-server-side-encryption AES256
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	226 KB 58 KB	62ms 23ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 57e4fab3e926d0392dfc236b18cc28628abf957efe96c5d5a592b617ec108a90 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 edge-control cache-maxage=10m date Tue, 01 Oct 2024 15:17:15 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=21, rtx=0, c=23, mss=1232, tbw=4438, tp=9, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug peY0Bg50YmPkNRZXG2kex+tsUboibZbSiIMkQWQ6jrRDz9TYHrfUPcG9lC/CHGNxU4maGajs7/ddlTfPryDlpQ== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 59131 x-xss-protection 0
GET H2	200	/ attr.ml-api.io/ Redirect Chain https://s.ml-attr.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID https://secure.adnxs.com/getuid?https%3a%2f%2fattr.ml-api.io%2f%3fdomain%3dredcanary.com%26pId%3d%24UID https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fattr.ml-api.io%252f%253fdomain%253dredcanary.com%2526pId%253d%2524UID https://attr.ml-api.io/?domain=redcanary.com&pId=8961757327745448092	4 B 279 B	292ms 187ms	Image application/json	2600:9000:206f:9c00:5:7a81:86c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://attr.ml-api.io/?domain=redcanary.com&pId=8961757327745448092 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Server 2600:9000:206f:9c00:5:7a81:86c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers via 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront) apigw-requestid e-fTdjaWoAMESQw= alt-svc h3=":443"; ma=86400 x-cache Miss from cloudfront content-length 4 x-amz-cf-id 86XRdPBCjz9ssoo4Ki9TjND6rceCu5Grz5RcfOJsR47VB2jviXF1tw== date Tue, 01 Oct 2024 15:17:16 GMT content-type application/json x-amz-cf-pop FRA56-C1 Redirect headers cache-control no-store, no-cache, private location https://attr.ml-api.io/?domain=redcanary.com&pId=8961757327745448092 pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 84.19.175.165; 84.19.175.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin * an-x-request-uuid ef83d263-4059-48fd-9f9e-ba1231a7db4f content-length 0 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Tue, 01 Oct 2024 15:17:16 GMT x-xss-protection 0 content-type text/html; charset=utf-8 server nginx/1.23.4
POST H2	204	collect region1.analytics.google.com/g/	0 0	264ms 40ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-T3K4MTNQJN&gtm=45je49u0v874113835z8813277038za200&_p=1727795835112&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101671035~101686685~101747727&cid=1831627930.1727795835&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1727795835&sct=1&seg=0&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&dt=Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1133 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://redcanary.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:15 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 57 B	247ms 35ms	Ping text/plain	2a00:1450:400c:c02::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T3K4MTNQJN&cid=1831627930.1727795835&gtm=45je49u0v874113835z8813277038za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101671035~101686685~101747727 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://redcanary.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:15 GMT content-type text/plain server Golfe2
POST H2	204	collect region1.analytics.google.com/g/	0 0	257ms 42ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-S6W6WXK4G8&gtm=45je49u0v874113835z8813277038za200&_p=1727795835112&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101671035~101686685~101747727&cid=1831627930.1727795835&ecid=2006032822&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EA&_s=1&sid=1727795835&sct=1&seg=0&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&dt=Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary&en=page_view&_fv=1&_ss=1&tfd=1144 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://redcanary.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:15 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 543 B	238ms 35ms	Ping text/plain	2a00:1450:400c:c02::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-S6W6WXK4G8&cid=1831627930.1727795835&gtm=45je49u0v874113835z8813277038za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101671035~101686685~101747727 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://redcanary.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:15 GMT content-type text/plain server Golfe2
POST H2	204	collect region1.analytics.google.com/g/	0 0	232ms 42ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-S6W6WXK4G8&gtm=45je49u0v874113835za200&_p=1727795835112&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101671035~101686685~101747727&cid=1831627930.1727795835&ecid=2006032822&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EAAC&_s=2&sid=1727795835&sct=1&seg=1&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&dt=Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary&en=page_view&_ee=1&_et=22&tfd=1169 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://redcanary.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:15 GMT content-type text/plain server Golfe2
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202403.2.0/	447 KB 109 KB	47ms 44ms	Script application/javascript	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1e4b4fc897b28572139d99a48b119f8b81e71b8b0a262463d798d08176fcbb6f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 UXUCHIIw+nYfl5bUBeOrfg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5E0CAE51F8D x-ms-lease-status unlocked cf-cache-status HIT age 62562 x-content-type-options nosniff date Tue, 01 Oct 2024 15:17:15 GMT content-type application/javascript last-modified Tue, 16 Jul 2024 21:46:47 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id f908b35a-301e-0026-11ca-d7083e000000 cf-ray 8cbd6b23fd699213-FRA accept-ranges bytes access-control-allow-origin * content-length 110883 x-ms-blob-type BlockBlob server cloudflare
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	246ms 58ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T3K4MTNQJN&cid=1831627930.1727795835&gtm=45je49u0v874113835z8813277038za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101671035~101686685~101747727&tag_exp=101533422~101671035~101686685~101747727&z=1099272613 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 15:17:15 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	246ms 58ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-S6W6WXK4G8&cid=1831627930.1727795835&gtm=45je49u0v874113835z8813277038za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101671035~101686685~101747727&tag_exp=101533422~101671035~101686685~101747727&z=1858029489 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Tue, 01 Oct 2024 15:17:15 GMT x-xss-protection 0 content-type image/gif server cafe
GET		59b88a12-4951-4b75-8d1e-3c3695d7b49a https://redcanary.com/ Frame	0 0
GET H3	200	s.gif dev.visualwebsiteoptimizer.com/	35 B 53 B	157ms 157ms	Image image/gif	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.visualwebsiteoptimizer.com/s.gif?account_id=906194&u=DFCBF3B25D2F2642641520CB20976882D&s=1727795835&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22de-de%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1727795835719%2C%22tO%22%3A-2%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&cu=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1727795835734&v=257b305e9 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gnv03c / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate pragma no-cache x-content-type-options nosniff via 1.1 google expires Mon, 10 Jan 2005 00:00:01 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 date Tue, 01 Oct 2024 15:17:15 GMT content-type image/gif server gnv03c
GET H2	200	config Show response pixel-config.reddit.com/pixels/t2_5kac730w/	3 B 124 B	84ms 28ms	XHR application/json	151.101.193.140 FASTLY
General Check archive.org Show headers Download Go to Full URL https://pixel-config.reddit.com/pixels/t2_5kac730w/config Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=14400 content-encoding gzip via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 27 date Tue, 01 Oct 2024 15:17:15 GMT content-type application/json
GET H2	200	t2_5kac730w_telemetry Show response www.redditstatic.com/ads/conversions-config/v1/pixel/config/	86 B 699 B	82ms 37ms	XHR application/json	2a04:4e42:400::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_5kac730w_telemetry Requested by Host: www.redditstatic.com URL: https://www.redditstatic.com/ads/pixel.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=300 nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02} content-encoding gzip report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} via 1.1 varnish accept-ranges bytes access-control-allow-origin * content-length 97 date Tue, 01 Oct 2024 15:17:15 GMT content-type application/json vary Accept-Encoding,Origin server snooserv
GET H2	200	rp.gif alb.reddit.com/	42 B 637 B	83ms 27ms	Image image/gif	151.101.1.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1727795835797&id=t2_5kac730w&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=d6ff3518-26e2-4301-b21d-83e36a927362&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_5afed25b&dpm=&dpcc=&dprc= Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers nel {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3} retry-after 0 cross-origin-resource-policy cross-origin report-to {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]} via 1.1 varnish accept-ranges bytes content-length 42 date Tue, 01 Oct 2024 15:17:15 GMT content-type image/gif server Varnish
GET H2	200	adsct t.co/i/	43 B 627 B	221ms 169ms	Image image/gif	172.66.0.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=4d7d4e7d-7ecd-40b1-8ed9-ce6ccfb390b1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=79700fad-490b-4e02-8dca-2263a301d822&tw_document_href=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o015g&type=javascript&version=2.3.30 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers strict-transport-security max-age=0 x-transaction-id c9c4832a77294a97 cache-control no-cache, no-store, max-age=0 x-connection-hash 493f6b6c45eabfaed5415fabd7d7373191789ac8e32217aa71e65826e97d8d17 cf-cache-status DYNAMIC cf-ray 8cbd6b262fd04dba-FRA x-response-time 108 content-length 43 date Tue, 01 Oct 2024 15:17:16 GMT content-type image/gif;charset=utf-8 perf 7402827104 server cloudflare tsa_o
GET H2	200	adsct analytics.twitter.com/i/	43 B 394 B	243ms 197ms	Image image/gif	104.244.42.3 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=4d7d4e7d-7ecd-40b1-8ed9-ce6ccfb390b1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=79700fad-490b-4e02-8dca-2263a301d822&tw_document_href=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o015g&type=javascript&version=2.3.30 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.3 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers strict-transport-security max-age=631138519 x-transaction-id 9d9024e0713b79e8 cache-control no-cache, no-store, max-age=0 x-connection-hash a282fd4360aa4302318b4de61464a488ae7a0bf95d70c04e1630a97721fd27d7 x-response-time 173 content-length 43 date Tue, 01 Oct 2024 15:17:14 GMT perf 7402827104 content-type image/gif;charset=utf-8 server tsa_o
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 439 B	205ms 145ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://redcanary.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept * Content-Type text/plain;charset=UTF-8 Response headers linkedin-action 1 x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 3371EDC8CBFC46CE809CA57BDB9BC404 Ref B: FRAEDGE1407 Ref C: 2024-10-01T15:17:15Z x-li-fabric prod-lva1 access-control-allow-credentials true x-li-uuid AAYja9ELmIxNahDZz5kg6g== x-li-proto http/2 access-control-allow-origin https://redcanary.com x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 15:17:15 GMT vary Origin
GET H3	204	td www.googletagmanager.com/	0 18 B	60ms 59ms	Image text/plain	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.googletagmanager.com/td?id=AW-759876114&v=3&t=t&pid=1163534935&dl=redcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&tdp=AW-759876114;103488584;1;7;1&frm=0&rtg=13277038&rlo=10&slo=9&hlo=11&lst=1&pcid=13277038&z=0 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 date Tue, 01 Oct 2024 15:17:15 GMT content-type text/plain server Golfe2
GET H3	200	1042590016249604 Show response connect.facebook.net/signals/config/	66 KB 13 KB	24ms 23ms	Script application/x-javascript	2a03:2880:f083:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1042590016249604?v=2.9.169&r=stable&domain=redcanary.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e380c44951058c29c3fe61792f28cf0cd0fdd30245565f27135db486c3accbf3 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 edge-control cache-maxage=10m date Tue, 01 Oct 2024 15:17:15 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=74, mss=1232, tbw=67238, tp=62, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug 4IxkVMxlgEoVoVW5PHeby1O/90NIItDQ+07Ajn9NGzyduWp/S7Hj2RFigqfHxA86vPXkZdF4fBKvvpVGsMOSMQ== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 13087 x-xss-protection 0 origin-agent-cluster ?0
GET H2	200	56383426.js Show response bat.bing.com/p/action/	370 B 429 B	48ms 48ms	Script application/javascript	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/56383426.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a791796f72eea3c5febcbe84acc17e5e8e434e71036ea481b168dc4f41f12a9c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 content-encoding br accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 60646A2F0B914417846CC53DBCA1112D Ref B: FRA31EDGE0711 Ref C: 2024-10-01T15:17:15Z x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 15:17:15 GMT content-type application/javascript; charset=utf-8 vary Accept-Encoding
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 813 B	203ms 152ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=1540753&time=1727795835840&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Accept * Referer https://redcanary.com/ Response headers x-li-pop afd-prod-lva1-x content-encoding gzip x-fs-uuid 0006236bd10bcebad591e0311baeaf71 x-msedge-ref Ref A: E9A814F580FD467EAD5AB6228C3F2539 Ref B: FRAEDGE1616 Ref C: 2024-10-01T15:17:15Z x-li-fabric prod-lva1 x-restli-protocol-version 1.0.0 access-control-allow-methods GET, OPTIONS x-li-uuid AAYja9ELzrrVkeAxG66vcQ== x-li-proto http/2 access-control-allow-origin * x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 15:17:15 GMT content-type application/json access-control-allow-headers *
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1727795835840&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&tm=gtmv2 https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1727795835840&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&tm=gtmv2&e_ipv6=AQJMX4sFALHkRgAAAZJIqDQb...	0 266 B	188ms 127ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1727795835840&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&tm=gtmv2&e_ipv6=AQJMX4sFALHkRgAAAZJIqDQbO0L8pP5Rqy3lGEORxjYL5dsYf7Jm2EXdR0zi4l_GQdPv0d4PwPEuOiooFFRGH1BTqBqW Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers linkedin-action 1 x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: F8BE735F4D294EA4923B8CCEE6EAAC2A Ref B: FRAEDGE1610 Ref C: 2024-10-01T15:17:16Z x-li-fabric prod-lva1 x-li-uuid AAYja9EOWREqzaGi7MGlMg== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Tue, 01 Oct 2024 15:17:15 GMT content-type application/javascript Redirect headers linkedin-action 1 x-li-pop afd-prod-lva1-x location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1540753&time=1727795835840&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&tm=gtmv2&e_ipv6=AQJMX4sFALHkRgAAAZJIqDQbO0L8pP5Rqy3lGEORxjYL5dsYf7Jm2EXdR0zi4l_GQdPv0d4PwPEuOiooFFRGH1BTqBqW x-msedge-ref Ref A: 6DD0C143A76140AE97E201570417AE91 Ref B: FRAEDGE1407 Ref C: 2024-10-01T15:17:15Z x-li-fabric prod-lva1 x-li-uuid AAYja9ELbB+W3zwBGeEwOw== x-li-proto http/2 x-cache CONFIG_NOCACHE content-length 0 date Tue, 01 Oct 2024 15:17:15 GMT
GET H2	200	en.json Show response cdn.cookielaw.org/consent/40393661-0639-4e13-9774-ba9e2ae459fa/74fb8979-2e31-43ae-9b2a-9bc75d2fa949/	52 KB 12 KB	52ms 52ms	Fetch application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/40393661-0639-4e13-9774-ba9e2ae459fa/74fb8979-2e31-43ae-9b2a-9bc75d2fa949/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 37272073d42afe3551287e126370433d9b283bb954309149ca9b3ce601c00c66 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 63xjzesvZt/KspanM0JPAA== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip cf-cache-status HIT etag 0x8DC58B600BC7414 age 66229 x-ms-lease-status unlocked x-content-type-options nosniff x-ms-version 2009-09-19 expires Wed, 02 Oct 2024 15:17:15 GMT date Tue, 01 Oct 2024 15:17:15 GMT content-type application/json last-modified Tue, 09 Apr 2024 16:56:29 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=86400 cross-origin-resource-policy cross-origin, cross-origin x-ms-request-id 96c806ec-001e-002f-1c9f-8a3448000000 cf-ray 8cbd6b261b38381a-FRA accept-ranges bytes access-control-allow-origin * content-length 12613 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	ipv cdn.bizible.com/	43 B 305 B	22ms 21ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-1906410348&_biz_u=2f697324933b4d82dd7b9fb56d651c0f&_biz_l=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&_biz_t=1727795835260&_biz_i=Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary&_biz_n=0&a=redcanary.com&rnd=724314&cdn_o=a&_biz_z=1727795835861 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67BA) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers strict-transport-security max-age=31536000; includeSub cache-control no-cache, no-store pragma no-cache age 324110 expires -1 accept-ranges bytes x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-length 43 date Tue, 01 Oct 2024 15:17:15 GMT content-type image/gif last-modified Fri, 27 Sep 2024 21:15:25 GMT server ECS (frb/67BA)
GET H2	200	u cdn.bizibly.com/	43 B 204 B	23ms 22ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizibly.com/u?_biz_u=2f697324933b4d82dd7b9fb56d651c0f&_biz_l=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&_biz_t=1727795835863&_biz_i=Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary&a=redcanary.com&rnd=936436&cdn_o=a&_biz_z=1727795835863 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6752) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers strict-transport-security max-age=31536000; includeSub cache-control no-cache, no-store pragma no-cache age 324105 expires -1 accept-ranges bytes x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-length 43 date Tue, 01 Oct 2024 15:17:15 GMT content-type image/gif last-modified Fri, 27 Sep 2024 21:15:30 GMT server ECS (frb/6752)
GET H2	200	f3744a5e-342b-429c-9d2c-2c1b7b45310a.js Show response j.6sc.co/j/	5 KB 2 KB	499ms 412ms	Script application/javascript	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/j/f3744a5e-342b-429c-9d2c-2c1b7b45310a.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 805ce4322a9be88ec58266cf40c95f62920aadea2a0d00f6ddeda8f82df66b09 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-encoding gzip etag "e32c5c81f0cda4121d7ac50a6fa46548" x-amz-version-id ZP_GnDytUL9NRU7xM5CP6PgfirMXR58J expires Tue, 01 Oct 2024 15:47:16 GMT x-amz-cf-id hXNxXdSy60RAXtCMi4aF4F85DbwRAHrCbVWpIoBrHOEZ-_fC7crgTQ== date Tue, 01 Oct 2024 15:17:16 GMT last-modified Thu, 15 Feb 2024 19:15:51 GMT vary Accept-Encoding content-type application/javascript x-amz-meta-content-type application/json cache-control private, max-age=1800 accept-ranges bytes content-length 1566 x-amz-cf-pop FRA60-P8 server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css redcanary.com/wp-content/cache/autoptimize/css/	5 MB 0	0ms 0ms	Stylesheet text/css	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 6438b16f2375488bf0208a69b27fe17b3119b1772be376966663f9014b7e14e6 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 content-encoding br etag W/"66e4526b-53ed07" access-control-allow-origin * date Tue, 01 Oct 2024 15:17:15 GMT content-type text/css vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding server nginx last-modified Fri, 13 Sep 2024 14:55:39 GMT
GET H2	200	xdc.js Show response cdn.bizible.com/	111 B 347 B	133ms 132ms	Script text/javascript	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.bizible.com/xdc.js?_biz_u=2f697324933b4d82dd7b9fb56d651c0f&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.09.26&a=redcanary.com Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67DF) / Resource Hash 8c399e8b50c2bf0b9ec2c567e51c48e1ebe86b2c687c895584cb8b33b626fd64 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers strict-transport-security max-age=31536000; includeSub cache-control private, must-revalidate, max-age=21600 content-encoding gzip etag 6CB8531C p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-length 216 date Tue, 01 Oct 2024 15:17:16 GMT content-type text/javascript; charset=utf-8 vary Accept-Encoding server ECS (frb/67DF)
GET H2	200	TDR-Header-03.jpg redcanary.com/wp-content/uploads/2024/03/	371 KB 372 KB	136ms 135ms	Image image/jpeg	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://redcanary.com/wp-content/uploads/2024/03/TDR-Header-03.jpg Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash f46d096c5acb1a5a9dd66960361b2199ea0817ba4c543f3776944a995e2768c7 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65ef2804-5cd13" accept-ranges bytes access-control-allow-origin * content-length 380179 date Tue, 01 Oct 2024 15:17:16 GMT content-type image/jpeg last-modified Mon, 11 Mar 2024 15:49:24 GMT server nginx vary Accept-Encoding
GET H2	200	Red-Canary-Logo-2024-reverse.png redcanary.com/wp-content/uploads/2024/05/	15 KB 15 KB	408ms 407ms	Image image/png	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://redcanary.com/wp-content/uploads/2024/05/Red-Canary-Logo-2024-reverse.png Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 7c2ae2ca74ef67fcea69d64e507fa28c8c1b005b72ef4d1a0c433fbc0681ec15 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "66576f8a-3bcb" accept-ranges bytes access-control-allow-origin * content-length 15307 date Tue, 01 Oct 2024 15:17:16 GMT content-type image/png last-modified Wed, 29 May 2024 18:10:18 GMT server nginx vary Accept-Encoding
GET H2	200	CanarySans-Display-400.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	23 KB 0	0ms 0ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Display-400.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash c8794253f4669bc181f3401651637f6a14f68ea3ffd1bd18a8e46abaac6308ac Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Response headers content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f062fc-5b10" accept-ranges bytes access-control-allow-origin * content-length 23312 date Tue, 01 Oct 2024 15:17:15 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:16 GMT server nginx vary Accept-Encoding
GET H2	200	CanarySans-Text-700.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	23 KB 0	1ms 0ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Text-700.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 2920a21f3d5f1c34cc38823f2c4422d1a0d23cba63233e5e8c382852aa7ada7c Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Response headers content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f06305-5acc" accept-ranges bytes access-control-allow-origin * content-length 23244 date Tue, 01 Oct 2024 15:17:15 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:25 GMT server nginx vary Accept-Encoding
GET H2	200	CanarySans-Display-700.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	23 KB 23 KB	400ms 399ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Display-700.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash df064dd6edad0cdc26f0a3abc83b8d5d5b173a41d6b88d8d242823055da2124d Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f062fe-5b1c" accept-ranges bytes access-control-allow-origin * content-length 23324 date Tue, 01 Oct 2024 15:17:16 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:18 GMT server nginx vary Accept-Encoding
GET H2	200	CanarySans-Display-300.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	23 KB 0	1ms 0ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Display-300.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 52ce30c1ca4a370f850fadf51868d1792a6e6a81f9488f67b993cc7d2921d187 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Response headers content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f062fb-5acc" accept-ranges bytes access-control-allow-origin * content-length 23244 date Tue, 01 Oct 2024 15:17:15 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:15 GMT server nginx vary Accept-Encoding
GET H2	200	TDR-Header03-1200w.jpeg redcanary.com/wp-content/themes/redcanary/assets/img/	495 KB 496 KB	287ms 284ms	Image image/jpeg	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://redcanary.com/wp-content/themes/redcanary/assets/img/TDR-Header03-1200w.jpeg Requested by Host: redcanary.com URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 5cd3baa58afc9b772d9cb881478a4511bba11be108264372e299aa7500a41f57 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f0a698-7bacb" accept-ranges bytes access-control-allow-origin * content-length 506571 date Tue, 01 Oct 2024 15:17:16 GMT content-type image/jpeg last-modified Tue, 12 Mar 2024 19:01:44 GMT server nginx vary Accept-Encoding
GET H2	200	search-btn.svg redcanary.com/wp-content/themes/redcanary/assets/img/	161 B 435 B	419ms 417ms	Image image/svg+xml	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://redcanary.com/wp-content/themes/redcanary/assets/img/search-btn.svg Requested by Host: redcanary.com URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 0f57969cdf0d61b86fc25ded8a8c5058a5edd346d1845b232610a54f08d0fcb8 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 content-encoding br etag W/"61394254-a1" access-control-allow-origin * date Tue, 01 Oct 2024 15:17:16 GMT content-type image/svg+xml vary Accept-Encoding, Accept-Encoding server nginx last-modified Wed, 08 Sep 2021 23:08:04 GMT
GET H2	200	CanarySans-Text-400.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	23 KB 0	0ms 0ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Text-400.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 9a5b8f66f586ce4d9566503535595800d6d4c8b6e1651ab8b2fbf8f02819ef42 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Response headers content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f06303-5a48" accept-ranges bytes access-control-allow-origin * content-length 23112 date Tue, 01 Oct 2024 15:17:15 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:23 GMT server nginx vary Accept-Encoding
GET H2	200	CanarySans-Text-300.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	22 KB 0	0ms 0ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Text-300.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 6a2fae6141cd3c337ae20368ec6c6d16bcd1774b42c9cf6ef2b79f4ce7a67710 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Response headers content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f06302-5998" accept-ranges bytes access-control-allow-origin * content-length 22936 date Tue, 01 Oct 2024 15:17:15 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:22 GMT server nginx vary Accept-Encoding
GET H3	200	track-7d0e7bf49bee06d6fc8f51f5d8631c9bbr.js Show response dev.visualwebsiteoptimizer.com/cdn/7.0/	16 KB 5 KB	26ms 26ms	Script text/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/cdn/7.0/track-7d0e7bf49bee06d6fc8f51f5d8631c9bbr.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software UploadServer / Resource Hash d0dd6c8fec30b51f1a834b32180421f8ecb978e131a7ec73608618987baf3016 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers x-goog-metageneration 1 content-encoding br x-goog-hash crc32c=vVlDsQ==, md5=SC/cjzcXQQFmrlIjEdlAug== etag "482fdc8f3717410166ae522311d940ba" age 276291 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 4687 date Sat, 28 Sep 2024 10:32:25 GMT last-modified Sat, 28 Sep 2024 09:34:54 GMT content-type text/javascript; charset=UTF-8 x-guploader-uploadid AD-8ljvSfgv0GghIYeJ1V3dmmOcl3W1_UEpnqz2FyOYX-DvDm9iDSZ9ljsjJG5jzj0f5CqPZFQ cdn_cache_status hit cache-control public, max-age=31536000 x-goog-storage-class STANDARD accept-ranges bytes access-control-allow-origin * x-goog-generation 1727516094171770 content-length 4687 content-language en server UploadServer
GET H3	200	opa-05c896517ef6440acaf6a4c7e5fccdaebr.js Show response dev.visualwebsiteoptimizer.com/cdn/analysis/4.0/	153 KB 39 KB	27ms 26ms	Script text/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/cdn/analysis/4.0/opa-05c896517ef6440acaf6a4c7e5fccdaebr.js Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software UploadServer / Resource Hash 830569b6b9eda3e3e8575c44353e6257a755857675c7dfbf43fd5410667628c6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers x-goog-metageneration 1 content-encoding br x-goog-hash crc32c=hfwXBQ==, md5=+NxkQvN5DUDTAhUtElft7w== etag "f8dc6442f3790d40d302152d1257edef" age 21691 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 39495 date Tue, 01 Oct 2024 09:15:45 GMT last-modified Tue, 01 Oct 2024 06:50:03 GMT content-type text/javascript; charset=UTF-8 x-guploader-uploadid AD-8ljtLyNmbGvHN-ekVk2Hqg-DmannchDnNOkZOB7ap3tG-fjEJTaWciO4OVpYXvYhXPoI2Lg cdn_cache_status hit cache-control public, max-age=31536000 x-goog-storage-class STANDARD accept-ranges bytes access-control-allow-origin * x-goog-generation 1727765403202384 content-length 39495 content-language en server UploadServer
GET H2	200	u cdn.bizible.com/	43 B 86 B	22ms 21ms	Image image/gif	152.195.15.58 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A003-YRU-314%26token%3A_mch-redcanary.com-1727795835325-26601&_biz_u=2f697324933b4d82dd7b9fb56d651c0f&_biz_l=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&_biz_t=1727795835863&_biz_i=Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary&_biz_n=1&a=redcanary.com&rnd=694287&cdn_o=a&_biz_z=1727795836309 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.15.58 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6752) / Resource Hash afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSub Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers strict-transport-security max-age=31536000; includeSub cache-control no-cache, no-store pragma no-cache age 324106 expires -1 accept-ranges bytes x-cache HIT p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" content-length 43 date Tue, 01 Oct 2024 15:17:16 GMT content-type image/gif last-modified Fri, 27 Sep 2024 21:15:30 GMT server ECS (frb/6752)
GET H2	200	button-right-arrow-white.svg redcanary.com/wp-content/themes/redcanary/assets/img/	350 B 581 B	143ms 142ms	Image image/svg+xml	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://redcanary.com/wp-content/themes/redcanary/assets/img/button-right-arrow-white.svg Requested by Host: redcanary.com URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 8edbf02936f4bbda931a228bd84f7b668522af07f3dfc33b5caee429e7febb85 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 content-encoding br etag W/"5c76b1e9-15e" access-control-allow-origin * date Tue, 01 Oct 2024 15:17:16 GMT content-type image/svg+xml vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding server nginx last-modified Wed, 27 Feb 2019 15:51:05 GMT
GET H2	204	0 bat.bing.com/action/	0 178 B	46ms 46ms	Image text/plain	2620:1ec:33:1::10 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=56383426&tm=gtm002&Ver=2&mid=047aeb07-174f-488d-ae93-535c160cc74a&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary&p=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&r=&lt=1539&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=82637 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache, must-revalidate pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 36108E20761B49F78FB73CFB63FA5846 Ref B: FRA31EDGE0711 Ref C: 2024-10-01T15:17:16Z expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * x-cache CONFIG_NOCACHE date Tue, 01 Oct 2024 15:17:16 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/202403.2.0/assets/	13 KB 3 KB	42ms 40ms	Fetch application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 Q9brtORRsvfuS5CuJpEeaA== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5E0C5BC479B x-ms-lease-status unlocked cf-cache-status HIT age 74918 x-content-type-options nosniff date Tue, 01 Oct 2024 15:17:16 GMT content-type application/json last-modified Tue, 16 Jul 2024 21:46:38 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id bcc2344f-e01e-0102-2b83-d8d725000000 cf-ray 8cbd6b29e81d381a-FRA accept-ranges bytes access-control-allow-origin * content-length 3041 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	otPcTab.json Show response cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/	63 KB 14 KB	38ms 37ms	Fetch application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/v2/otPcTab.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7465924993bbca3c35db5e27f00d48e1b718c7e82bf610926f9f388bfb13c2e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 YQM0QQUQWBIkxGGTVqiqtQ== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5E0C74C73EA x-ms-lease-status unlocked cf-cache-status HIT age 79963 x-content-type-options nosniff date Tue, 01 Oct 2024 15:17:16 GMT content-type application/json last-modified Tue, 16 Jul 2024 21:46:41 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id f0aa6280-f01e-0091-502d-d8073b000000 cf-ray 8cbd6b29e81e381a-FRA accept-ranges bytes access-control-allow-origin * content-length 13627 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	otCookieSettingsButton.json Show response cdn.cookielaw.org/scripttemplates/202403.2.0/assets/	5 KB 2 KB	43ms 42ms	Fetch application/json	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCookieSettingsButton.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fb7c176325267082e94a7131fed5e157516e6805cee3ac6f6a93340a947d640 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 f69wsM1UofEpgZzoDSThbA== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding content-encoding gzip x-ms-version 2009-09-19 etag 0x8DCA5E0C6CFDF96 x-ms-lease-status unlocked cf-cache-status HIT age 66230 x-content-type-options nosniff date Tue, 01 Oct 2024 15:17:16 GMT content-type application/json last-modified Tue, 16 Jul 2024 21:46:40 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 9d5dcf4a-f01e-005d-3df0-d7638e000000 cf-ray 8cbd6b29e821381a-FRA accept-ranges bytes access-control-allow-origin * content-length 1738 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202403.2.0/assets/	24 KB 4 KB	52ms 51ms	Fetch text/css	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202403.2.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 06c0edbfc1b871fb45195265f5faad3e23191305f6ff2125557a9fbc287c8992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 4ErYmXXFNbMLrnc9DrDTsg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status HIT age 4141 content-encoding gzip x-content-type-options nosniff date Tue, 01 Oct 2024 15:17:16 GMT content-type text/css last-modified Tue, 16 Jul 2024 21:46:51 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 4d2bfadf-701e-00e6-41ed-d7827a000000 cf-ray 8cbd6b29e824381a-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H3	200	settings.js Show response dev.visualwebsiteoptimizer.com/	15 KB 5 KB	52ms 52ms	Script application/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/settings.js?a=906194&settings_type=1&vn=&eventArch=1&uuid=&ec=1123835|1250290&rc=1&exc=1|2|6|10 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gfra2 / Resource Hash 1c3cdcb7f1de8b43fbaae64ad813ccc6e8b9768d90cac74f9c2b2a38b92b6504 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control public, max-age=0, no-cache, must-revalidate content-encoding gzip etag W/"1727781308_EA" via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:16 GMT content-type application/javascript; charset=UTF-8 server gfra2
GET H2	200	/ www.facebook.com/tr/	0 274 B	93ms 24ms	Image text/plain	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?batch=1&events[0]=id%3D1042590016249604%26ev%3DPageView%26dl%3Dhttps%253A%252F%252Fredcanary.com%252Fthreat-detection-report%252Fmidyear-update%252F%26rl%3D%26if%3Dfalse%26ts%3D1727795836465%26sw%3D1600%26sh%3D1200%26v%3D2.9.169%26r%3Dstable%26ec%3D0%26o%3D12318%26fbp%3Dfb.1.1727795836464.467205962838487827%26ler%3Dempty%26cdl%3DAPI_unavailable%26it%3D1727795835835%26coo%3Dfalse%26exp%3Df1&rqm=GET Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1328, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Tue, 01 Oct 2024 15:17:16 GMT content-type text/plain server proxygen-bolt
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	280ms 211ms	Image image/png	2a03:2880:f176:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1042590016249604&ev=PageView&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&rl=&if=false&ts=1727795836465&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=12318&fbp=fb.1.1727795836464.467205962838487827&ler=empty&cdl=API_unavailable&it=1727795835835&coo=false&exp=f1&rqm=FGET Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420826609950778432"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 01 Oct 2024 15:17:16 GMT content-type image/png vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420826609950778432", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; cache-control private, no-store, no-cache, must-revalidate x-fb-debug Net7WU9UOlS+aaI2AL2fnhIETaQuPSrDSYysJhCDExW9tlQec90YNsrW1Yc5GAAFN+ihNCpTPCQFkiBnDSgrag== cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1328, tbw=3106, tp=-1, tpl=-1, uplat=186, ullat=0 pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?0
GET H3	200	s.gif dev.visualwebsiteoptimizer.com/	35 B 53 B	116ms 115ms	Image image/gif	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://dev.visualwebsiteoptimizer.com/s.gif?account_id=906194&u=DFCBF3B25D2F2642641520CB20976882D&s=1727795835&p=1&update=1&cq=1&ttl=90&vn=undefined&vns=undefined&vno=undefined&eTime=1727795836503&v=257b305e9&_cu=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&random=0.8075770658922625 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software gnv03c / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate pragma no-cache x-content-type-options nosniff via 1.1 google expires Mon, 10 Jan 2005 00:00:01 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 date Tue, 01 Oct 2024 15:17:15 GMT content-type image/gif server gnv03c
GET H3	200	worker-70faafffa0475802f5ee03ca5ff74179br.js Show response dev.visualwebsiteoptimizer.com/cdn/analysis/4.0/	46 KB 13 KB	24ms 24ms	XHR text/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/cdn/analysis/4.0/worker-70faafffa0475802f5ee03ca5ff74179br.js Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software UploadServer / Resource Hash 09b67475f266dbf552159ca9f6b44d9dc3ea04842b2bd6e8b09d74f6b21897d0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers x-goog-metageneration 1 content-encoding br x-goog-hash crc32c=t9nekA==, md5=OTBW++nqbotSERjfhuer5A== etag "393056fbe9ea6e8b521118df86e7abe4" age 344435 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 13401 date Fri, 27 Sep 2024 15:36:41 GMT last-modified Fri, 27 Sep 2024 11:09:37 GMT content-type text/javascript; charset=UTF-8 x-guploader-uploadid AD-8lju22iFH6aL0vnvopaLNAPoA1_JMN581mzWShv1ITpVz6zaY3AYnP6gfrdk2r4ESeFS-VXlbOEEfnw cdn_cache_status hit cache-control public, max-age=31536000 x-goog-storage-class STANDARD accept-ranges bytes access-control-allow-origin * x-goog-generation 1727435376936205 content-length 13401 content-language en server UploadServer
GET H2	200	6si.min.js Show response j.6sc.co/	68 KB 19 KB	23ms 23ms	Script application/javascript	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/6si.min.js Requested by Host: j.6sc.co URL: https://j.6sc.co/j/f3744a5e-342b-429c-9d2c-2c1b7b45310a.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 13122b3fd48d530470d735824c63b0b25a895931f5728921f8cc1eb5848fe2ba Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control private, proxy-revalidate, max-age=10800 content-encoding gzip etag "66f5de53-111d7" x-content-type-options nosniff expires Tue, 01 Oct 2024 18:17:16 GMT accept-ranges bytes content-length 18830 date Tue, 01 Oct 2024 15:17:16 GMT content-type application/javascript vary Accept-Encoding server nginx/1.14.0 (Ubuntu) last-modified Thu, 26 Sep 2024 22:21:07 GMT
GET H2	200	ot_close.svg cdn.cookielaw.org/logos/static/	651 B 476 B	80ms 80ms	Image image/svg+xml	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_close.svg Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 pcXWFGpuVeSg/jVnYCseRg== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status HIT age 85245 content-encoding gzip x-content-type-options nosniff date Tue, 01 Oct 2024 15:17:16 GMT content-type image/svg+xml last-modified Mon, 30 Sep 2024 02:09:18 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 5f836168-c01e-007c-0b4e-130ebf000000 cf-ray 8cbd6b2a7bf99213-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	CanarySans-Display-600.woff2 redcanary.com/wp-content/themes/redcanary/assets/fonts/	23 KB 23 KB	140ms 138ms	Font font/woff2	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/fonts/CanarySans-Display-600.woff2 Requested by Host: redcanary.com URL: https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 3af06755c87e9490cafd32e49064834e94096021de3b7b53458e3384dcf7bf47 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://redcanary.com Referer https://redcanary.com/wp-content/cache/autoptimize/css/autoptimize_1aff4dedf8fd1385415cadd1fc9459fa.css Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65f062fe-5bf4" accept-ranges bytes access-control-allow-origin * content-length 23540 date Tue, 01 Oct 2024 15:17:16 GMT content-type font/woff2 last-modified Tue, 12 Mar 2024 14:13:18 GMT server nginx vary Accept-Encoding
GET H2	200	ot_guard_logo.svg Show response cdn.cookielaw.org/logos/static/	497 B 516 B	56ms 55ms	Fetch image/svg+xml	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/202403.2.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 tXyZydHjxQshFMbbBT1/8A== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status HIT age 19258 content-encoding gzip x-content-type-options nosniff date Tue, 01 Oct 2024 15:17:16 GMT content-type image/svg+xml last-modified Tue, 01 Oct 2024 03:19:43 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 1a7148f9-601e-00f2-07cb-13411e000000 cf-ray 8cbd6b2a88e9381a-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	ot_company_logo.png cdn.cookielaw.org/logos/static/	4 KB 4 KB	48ms 46ms	Image mage/png	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/ot_company_logo.png Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a335fc1da4a5ffc1fcacfa3eab57506faa41f026954496becb59cf5fbcd99d0e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 E8+sk/ECzKgTUVtDLikiIA== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked etag 0x8DCDDF725EE385C age 85262 cf-cache-status HIT x-content-type-options nosniff date Tue, 01 Oct 2024 15:17:16 GMT content-type mage/png last-modified Thu, 26 Sep 2024 06:47:54 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id c8f97f15-501e-00be-134a-108601000000 cf-ray 8cbd6b2aac289213-FRA accept-ranges bytes access-control-allow-origin * content-length 4036 x-ms-blob-type BlockBlob server cloudflare
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	42ms 40ms	Image image/svg+xml	2606:4700::6812:572a CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-md5 Y+c301RBZNK39PvKQWrIBw== access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19 x-ms-lease-status unlocked cf-cache-status HIT age 53822 content-encoding gzip x-content-type-options nosniff date Tue, 01 Oct 2024 15:17:16 GMT content-type image/svg+xml last-modified Mon, 30 Sep 2024 19:29:22 GMT vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control max-age=86400 cross-origin-resource-policy cross-origin x-ms-request-id 90ad695b-801e-00f8-6a74-135897000000 cf-ray 8cbd6b2aac299213-FRA access-control-allow-origin * x-ms-blob-type BlockBlob server cloudflare
GET H2	200	getuidj Show response secure.adnxs.com/	29 B 1 KB	26ms 25ms	XHR application/json	37.252.171.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/getuidj Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.23.4 / Resource Hash 0024b348a87cee92040fc475e7653b2d6dc99235493faa5289c0cb44e6441fe3 Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control no-store, no-cache, private pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 84.19.175.165; 84.19.175.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin https://redcanary.com an-x-request-uuid 6267ae42-f9bd-48b3-b982-e9f9dc51a245 content-length 29 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Tue, 01 Oct 2024 15:17:16 GMT x-xss-protection 0 content-type application/json; charset=utf-8 server nginx/1.23.4
GET H2	200	/ Show response c.6sc.co/	7 B 191 B	24ms 23ms	XHR text/html	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software / Resource Hash fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers access-control-max-age 86400 access-control-allow-credentials true access-control-allow-methods GET,POST access-control-allow-origin https://redcanary.com content-length 7 date Tue, 01 Oct 2024 15:17:16 GMT content-type text/html access-control-allow-headers *
GET H2	200	/ Show response ipv6.6sc.co/	35 B 333 B	109ms 29ms	XHR text/html	2a02:26f0:7100::210:180 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ipv6.6sc.co/ Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:7100::210:180 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 492ea84ce6bba70c4125c1aed67dfee6a4c1dc27fa7ca2c45366ec25e418eb87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=0, no-cache, no-store pragma no-cache 6si-ipv6 2001:1b60:1010:2:1011:119:badd:486b expires Tue, 01 Oct 2024 15:17:16 GMT server-timing cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1727795836650_34603388_266640829_21_1128_21_42_219";dur=1 access-control-allow-origin https://redcanary.com content-length 35 date Tue, 01 Oct 2024 15:17:16 GMT content-type text/html vary Origin
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	135ms 133ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=017ac353-8275-47b8-8a6a-9887f585b9cd&session=ee3be609-d926-42d2-8eea-4f92eaf1eed0&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22An%20in-depth%20look%20at%20the%20most%20prevalent%20cybersecurity%20threats%2C%20MITRE%20ATT%26CK%C2%AE%20techniques%2C%20and%20identity%20trends%20for%20the%20first%20half%20of%202024%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&pageViewId=9d505d60-5022-48db-8afc-b68d7deeee67&an_uid=8961757327745448092&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&v=1.1.28 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=0, no-cache, no-store etag "63f020a0-2b" pragma no-cache x-content-type-options nosniff expires Tue, 01 Oct 2024 15:17:16 GMT accept-ranges bytes content-length 43 date Tue, 01 Oct 2024 15:17:16 GMT content-type image/gif last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	126ms 124ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=017ac353-8275-47b8-8a6a-9887f585b9cd&session=ee3be609-d926-42d2-8eea-4f92eaf1eed0&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22565ffb1efc5e75f417d1fe1c2134f835%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22e8bebcdaa132f727ae8d16d9967447769318945e%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%22f3744a5e-342b-429c-9d2c-2c1b7b45310a%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22An%20in-depth%20look%20at%20the%20most%20prevalent%20cybersecurity%20threats%2C%20MITRE%20ATT%26CK%C2%AE%20techniques%2C%20and%20identity%20trends%20for%20the%20first%20half%20of%202024%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&pageViewId=9d505d60-5022-48db-8afc-b68d7deeee67&an_uid=8961757327745448092&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&v=1.1.28 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=0, no-cache, no-store etag "615ccf10-2b" pragma no-cache x-content-type-options nosniff expires Tue, 01 Oct 2024 15:17:16 GMT accept-ranges bytes content-length 43 date Tue, 01 Oct 2024 15:17:16 GMT content-type image/gif last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	messenger app.qualified.com/w/1/bAEbi2aHVysBKzuy/ Frame 0811	0 0	495ms 324ms	Document text/html	104.18.16.5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.qualified.com/w/1/bAEbi2aHVysBKzuy/messenger?uuid=e208a1e5-df2c-456b-b549-838a8be0c73a Requested by Host: js.qualified.com URL: https://js.qualified.com/qualified.js?token=bAEbi2aHVysBKzuy Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.16.5 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy Strict-Transport-Security max-age=63072000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://redcanary.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control max-age=0, private, must-revalidate cf-cache-status DYNAMIC cf-ray 8cbd6b2c4b07db12-FRA content-encoding gzip content-security-policy content-type text/html; charset=utf-8 date Tue, 01 Oct 2024 15:17:17 GMT link <https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-ea37ea0f.chunk.css>; rel=preload; as=style; nopush referrer-policy strict-origin-when-cross-origin server cloudflare strict-transport-security max-age=63072000; includeSubDomains vary Accept-Encoding x-cache miss x-content-type-options nosniff x-download-options noopen x-permitted-cross-domain-policies none x-request-id e06f7d60-c5ee-4a5c-b3fc-f7c682399a01 x-runtime 0.022662 x-xss-protection 1; mode=block
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 258 B	135ms 135ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=017ac353-8275-47b8-8a6a-9887f585b9cd&session=ee3be609-d926-42d2-8eea-4f92eaf1eed0&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A1010%3A2%3A1011%3A119%3Abadd%3A486b%22%7D&isIframe=false&m=%7B%22description%22%3A%22An%20in-depth%20look%20at%20the%20most%20prevalent%20cybersecurity%20threats%2C%20MITRE%20ATT%26CK%C2%AE%20techniques%2C%20and%20identity%20trends%20for%20the%20first%20half%20of%202024%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&pageViewId=9d505d60-5022-48db-8afc-b68d7deeee67&an_uid=8961757327745448092&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3A1b60%3A1010%3A2%3A1011%3A119%3Abadd%3A486b&v=1.1.28 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=0, no-cache, no-store etag "60bb2e15-2b" pragma no-cache x-content-type-options nosniff expires Tue, 01 Oct 2024 15:17:16 GMT accept-ranges bytes content-length 43 date Tue, 01 Oct 2024 15:17:16 GMT content-type image/gif last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	details Show response eps.6sc.co/v3/company/	640 B 592 B	104ms 56ms	XHR application/json	99.83.231.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eps.6sc.co/v3/company/details Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.231.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afe865822f884bb48.awsglobalaccelerator.com Software / Resource Hash 538d24a41345da2b6800cad8af5ebf1292a47a5c2f78ba77444accd1f5c59cb1 Request headers Authorization Token e8bebcdaa132f727ae8d16d9967447769318945e X-6s-CustomID WebTag f3744a5e-342b-429c-9d2c-2c1b7b45310a Referer https://redcanary.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-expose-headers X-6si-Region timing-allow-origin https://6sense.com content-encoding gzip x-6si-region eu-central-1 access-control-allow-credentials true access-control-allow-origin https://redcanary.com content-length 326 date Tue, 01 Oct 2024 15:17:16 GMT content-type application/json vary Origin, Accept-Encoding
OPTIONS H2	200	details eps.6sc.co/v3/company/ Frame	0 0	118ms 28ms	Preflight	99.83.231.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://eps.6sc.co/v3/company/details Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.83.231.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS afe865822f884bb48.awsglobalaccelerator.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,x-6s-customid Access-Control-Request-Method GET Origin https://redcanary.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers authorization,x-6s-customid access-control-allow-methods OPTIONS,GET access-control-allow-origin https://redcanary.com access-control-expose-headers X-6si-Region access-control-max-age 1800 content-length 0 date Tue, 01 Oct 2024 15:17:16 GMT timing-allow-origin https://6sense.com x-6si-region eu-central-1
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	90ms 21ms	Script text/javascript	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXWC8JW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers content-encoding gzip age 6662 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Tue, 01 Oct 2024 15:26:15 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 13:26:15 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 20994 server Golfe2
POST H2	204	collect region1.analytics.google.com/g/	0 0	33ms 32ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-T3K4MTNQJN&gtm=45je49u0v874113835za200&_p=1727795835112&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101671035~101686685~101747727&cid=1831627930.1727795835&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAC&_s=2&sid=1727795835&sct=1&seg=1&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&dt=Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary&en=page_view&_ee=1&_et=12&tfd=2664 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-T3K4MTNQJN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://redcanary.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:17 GMT content-type text/plain server Golfe2
POST H2	200	v Show response v.eps.6sc.co/	12 B 519 B	210ms 200ms	XHR application/json	13.35.58.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://v.eps.6sc.co/v Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-23.fra60.r.cloudfront.net Software / Resource Hash 512a4f403d30a587ad5ab0b9fa7b2fd4f078249ee03f9c23c445332838f6a436 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-type application/json Referer https://redcanary.com/ Response headers x-amz-apigw-id e-fToFfwIAMEl5w= x-amzn-trace-id Root=1-66fc127d-7d94ec374c9b157a3540a62e;Parent=222ed481d4afba88;Sampled=0;Lineage=1:56167173:0 access-control-allow-methods OPTIONS,POST x-amzn-requestid 6d6298b3-7c27-40e3-8b04-6c4eb5b9d131 via 1.1 7ccd3c44ed70cdb4cd40f0ff29b1254c.cloudfront.net (CloudFront) access-control-allow-origin * x-cache Miss from cloudfront content-length 12 x-amz-cf-id mvC7Yh0fccc1GNs-GemZ7EeJx-uwnEYUPHKXmkKAigYvvMb9sOFeaA== date Tue, 01 Oct 2024 15:17:17 GMT content-type application/json x-amz-cf-pop FRA60-P10 access-control-allow-headers Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	138ms 137ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=6sense-temp-analytics&svisitor=null&visitor=017ac353-8275-47b8-8a6a-9887f585b9cd&session=ee3be609-d926-42d2-8eea-4f92eaf1eed0&event=https%3A%2F%2Feps.6sc.co&q=%7B%22name%22%3A%22https%3A%2F%2Feps.6sc.co%2Fv3%2Fcompany%2Fdetails%22%2C%22entryType%22%3A%22resource%22%2C%22startTime%22%3A2420.199999809265%2C%22duration%22%3A223.5999994277954%2C%22initiatorType%22%3A%22xmlhttprequest%22%2C%22deliveryType%22%3A%22%22%2C%22nextHopProtocol%22%3A%22%22%2C%22renderBlockingStatus%22%3A%22non-blocking%22%2C%22workerStart%22%3A0%2C%22redirectStart%22%3A0%2C%22redirectEnd%22%3A0%2C%22fetchStart%22%3A2420.199999809265%2C%22domainLookupStart%22%3A0%2C%22domainLookupEnd%22%3A0%2C%22connectStart%22%3A0%2C%22secureConnectionStart%22%3A0%2C%22connectEnd%22%3A0%2C%22requestStart%22%3A0%2C%22responseStart%22%3A0%2C%22firstInterimResponseStart%22%3A0%2C%22responseEnd%22%3A2643.7999992370605%2C%22transferSize%22%3A0%2C%22encodedBodySize%22%3A0%2C%22decodedBodySize%22%3A0%2C%22responseStatus%22%3A200%2C%22serverTiming%22%3A%5B%5D%2C%22metadata%22%3A%7B%22region%22%3A%22eu-central-1%22%7D%7D&isIframe=false&m=%7B%22endpoint%22%3A%22epsilon.6sense.com%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&pageViewId=&d=1&v=1.1.28 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=0, no-cache, no-store etag "615ccf10-2b" pragma no-cache x-content-type-options nosniff expires Tue, 01 Oct 2024 15:17:17 GMT accept-ranges bytes content-length 43 date Tue, 01 Oct 2024 15:17:17 GMT content-type image/gif last-modified Tue, 05 Oct 2021 22:17:52 GMT server nginx/1.14.0 (Ubuntu)
OPTIONS H2	200	v v.eps.6sc.co/ Frame	0 0	203ms 123ms	Preflight application/json	13.35.58.23 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://v.eps.6sc.co/v Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.35.58.23 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-35-58-23.fra60.r.cloudfront.net Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://redcanary.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-headers Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token access-control-allow-methods OPTIONS,POST access-control-allow-origin * content-length 0 content-type application/json date Tue, 01 Oct 2024 15:17:17 GMT via 1.1 7ccd3c44ed70cdb4cd40f0ff29b1254c.cloudfront.net (CloudFront) x-amz-apigw-id e-fTmG0koAMEALg= x-amz-cf-id Vwl0BatQwqntopImHKmcKj-KMNJmfqGS_imHt2Rsk58BXgIaxjnuxw== x-amz-cf-pop FRA60-P10 x-amzn-requestid 903bb8fa-2e2d-488d-901f-d1e55f380b18 x-cache Miss from cloudfront
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 419 B	130ms 126ms	XHR text/plain	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=573250244&t=event&ni=1&_s=1&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&ul=de-de&de=UTF-8&dt=Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=6si_company_details&ea=6si_data_loaded&_u=YADAAEABAAAAACAAI~&jid=626484782&gjid=1023330679&cid=1831627930.1727795835&tid=UA-52702906-1&_gid=475761993.1727795837&_r=1&_slc=1&gtm=45He49u0n81PXWC8JWv813277038za200&cd4=&cd5=&cd10=&cd11=&cd20=&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&npa=1&z=1200061444 Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain Referer https://redcanary.com/ Response headers report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],} x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 15:17:17 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type text/plain cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0 access-control-allow-origin https://redcanary.com cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 3 server Golfe2
GET		d163e983-7742-47c8-8e42-ce58c5dfdec0 https://redcanary.com/ Frame	0 0
POST H2	200	analyze Show response r1.visualwebsiteoptimizer.com/	0 143 B	839ms 220ms	XHR application/javascript	35.245.208.72 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://r1.visualwebsiteoptimizer.com/analyze?_a=906194&_u=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.245.208.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 72.208.245.35.bc.googleusercontent.com Software r1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundarykSN7gdrBO2lQWhVE Referer https://redcanary.com/ Response headers access-control-allow-origin * content-encoding gzip date Tue, 01 Oct 2024 15:17:17 GMT content-type application/javascript; charset=UTF-8 server r1
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 258 B	132ms 130ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=017ac353-8275-47b8-8a6a-9887f585b9cd&session=ee3be609-d926-42d2-8eea-4f92eaf1eed0&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2001%20Oct%202024%2015%3A17%3A17%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2001%20Oct%202024%2015%3A17%3A16%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22An%20in-depth%20look%20at%20the%20most%20prevalent%20cybersecurity%20threats%2C%20MITRE%20ATT%26CK%C2%AE%20techniques%2C%20and%20identity%20trends%20for%20the%20first%20half%20of%202024%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&pageViewId=9d505d60-5022-48db-8afc-b68d7deeee67&an_uid=8961757327745448092&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3A1b60%3A1010%3A2%3A1011%3A119%3Abadd%3A486b&v=1.1.28 Requested by Host: redcanary.com URL: https://redcanary.com/threat-detection-report/midyear-update/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=0, no-cache, no-store etag "60bb2e15-2b" pragma no-cache x-content-type-options nosniff expires Tue, 01 Oct 2024 15:17:17 GMT accept-ranges bytes content-length 43 date Tue, 01 Oct 2024 15:17:17 GMT content-type image/gif last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu)
GET H3	200	nc-bced65cf3ce53b1cb96e33d3391e8ef4br.js Show response dev.visualwebsiteoptimizer.com/cdn/edrv/	11 KB 4 KB	31ms 28ms	XHR text/javascript	34.96.102.137 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://dev.visualwebsiteoptimizer.com/cdn/edrv/nc-bced65cf3ce53b1cb96e33d3391e8ef4br.js Requested by Host: cdn.bizible.com URL: https://cdn.bizible.com/scripts/bizible.js?account=redcanary.com Protocol H3 Security QUIC, , AES_128_GCM Server 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 137.102.96.34.bc.googleusercontent.com Software UploadServer / Resource Hash dc731d27b605c8bfda83754695f4de65206b95681806892e01db3cd374838d18 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers x-goog-metageneration 1 content-encoding br x-goog-hash crc32c=7MztHA==, md5=lfGY9pn/XBOvmDUWZrKOfQ== etag "95f198f699ff5c13af98351666b28e7d" age 336193 x-goog-stored-content-encoding br alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 3700 date Fri, 27 Sep 2024 17:54:04 GMT last-modified Fri, 27 Sep 2024 14:21:30 GMT content-type text/javascript; charset=UTF-8 x-guploader-uploadid AD-8ljvpYjSnCH9x0AwBC2A-W-l2txeYcK29kPAGIpds4eurJtqh4ML3m0cuCewnIFzTYwmxE6U cdn_cache_status hit cache-control public, max-age=31536000 x-goog-storage-class STANDARD accept-ranges bytes access-control-allow-origin * x-goog-generation 1727446890260286 content-length 3700 content-language en server UploadServer
GET H3	200	collect www.google-analytics.com/	35 B 58 B	24ms 23ms	Image image/gif	2a00:1450:4001:830::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=573250244&t=pageview&_s=1&dl=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&ul=de-de&de=UTF-8&dt=Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDAAEABAAAAACAAI~&jid=&gjid=&cid=1831627930.1727795835&tid=UA-52702906-1&_gid=475761993.1727795837&gtm=45He49u0n81PXWC8JWv813277038za200&cd4=&cd5=&cd10=&cd11=&cd20=&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&cd6=Germany&cd7=Lower%20Saxony&cd8=Welle&cd9=&cd12=&cd13=&cd14=&cd18=null&npa=1&z=626706241 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers age 24028 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],} x-content-type-options nosniff expires Mon, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 01 Oct 2024 08:36:49 GMT last-modified Sun, 17 May 1998 03:00:00 GMT content-type image/gif cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 35 server Golfe2
GET H2	200	favicon.png redcanary.com/wp-content/themes/redcanary/assets/img/	16 KB 16 KB	144ms 140ms	Other image/png	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/img/favicon.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash 8b4532ddd365937e2ee31a95189a447d45881cf4dadf2ab66c850786f87774d8 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "5c76b1ec-3fb8" accept-ranges bytes access-control-allow-origin * content-length 16312 date Tue, 01 Oct 2024 15:17:17 GMT content-type image/png last-modified Wed, 27 Feb 2019 15:51:08 GMT server nginx vary Accept-Encoding
GET H2	200	favicon.ico redcanary.com/wp-content/themes/redcanary/assets/img/	1 KB 812 B	153ms 152ms	Other image/x-icon	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/img/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash c3096f016b56aa58ea27707e5636618495175ed50b77c09b91c9cb5c014b79e2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 content-encoding br etag W/"65e68ad0-47e" access-control-allow-origin * date Tue, 01 Oct 2024 15:17:18 GMT content-type image/x-icon vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding server nginx last-modified Tue, 05 Mar 2024 03:00:32 GMT
GET H2	200	analyze r1.visualwebsiteoptimizer.com/	35 B 257 B	435ms 212ms	Image image/gif	35.245.208.72 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://r1.visualwebsiteoptimizer.com/analyze?a=906194&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&duration=0&session_id=1727795835&recording_id=1&vn=4.0.328&rand=0.01284399131773295&end_time=1727795837105&jsonEn=%7B%22b64%22%3A%7B%22key%22%3A%220%252052%27%253E%253C%2Fsvg%253E%22%2C%22value%22%3A%22data%3Aimage%2Fsvg%2Bxml%2C%253Csvg%2520xmlns%3D%27http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%27%2520viewBox%3D%270%25200%2520210%252052%27%253E%253C%2Fsvg%253E%22%7D%7D&eTime=1727795838105&fRS=true&re=%7B%222%22%3A%22DFCBF3B25D2F2642641520CB20976882D%22%7D&he=%7B%221%22%3A%22DFCBF3B25D2F2642641520CB20976882D%22%7D&v2=true&count=2 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.245.208.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 72.208.245.35.bc.googleusercontent.com Software r1 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate pragma no-cache x-content-type-options nosniff expires Mon, 10 Jan 2005 00:00:01 GMT access-control-allow-origin * content-length 35 date Tue, 01 Oct 2024 15:17:18 GMT content-type image/gif server r1
GET H2	200	analyze r1.visualwebsiteoptimizer.com/	35 B 256 B	435ms 213ms	Image image/gif	35.245.208.72 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://r1.visualwebsiteoptimizer.com/analyze?a=906194&url=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&duration=0&session_id=1727795835&recording_id=1&vn=4.0.328&rand=0.5377198110940078&end_time=1727795837105&jsonEn=%7B%22b64%22%3A%7B%22key%22%3A%2200%25200%27%253E%253C%2Fsvg%253E%22%2C%22value%22%3A%22data%3Aimage%2Fsvg%2Bxml%2C%253Csvg%2520xmlns%3D%27http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%27%2520viewBox%3D%270%25200%25200%25200%27%253E%253C%2Fsvg%253E%22%7D%7D&eTime=1727795838105&fRS=true&re=%7B%222%22%3A%22DFCBF3B25D2F2642641520CB20976882D%22%7D&he=%7B%221%22%3A%22DFCBF3B25D2F2642641520CB20976882D%22%7D&v2=true&count=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 35.245.208.72 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 72.208.245.35.bc.googleusercontent.com Software r1 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate pragma no-cache x-content-type-options nosniff expires Mon, 10 Jan 2005 00:00:01 GMT access-control-allow-origin * content-length 35 date Tue, 01 Oct 2024 15:17:18 GMT content-type image/gif server r1
GET H2	200	favicon-32x32.png redcanary.com/wp-content/themes/redcanary/assets/img/	1 KB 2 KB	136ms 134ms	Other image/png	104.198.136.223 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://redcanary.com/wp-content/themes/redcanary/assets/img/favicon-32x32.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.198.136.223 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 223.136.198.104.bc.googleusercontent.com Software nginx / Resource Hash a19b17e3c318b115a7531fd404bd12a49d65104d57a1efd064f5ae80b457f52f Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/threat-detection-report/midyear-update/ Response headers strict-transport-security "max-age=63072000; includeSubDomains; preload"; content-security-policy upgrade-insecure-requests cache-control public, max-age=31536000 etag "65e68ad0-5c9" accept-ranges bytes access-control-allow-origin * content-length 1481 date Tue, 01 Oct 2024 15:17:18 GMT content-type image/png last-modified Tue, 05 Mar 2024 03:00:32 GMT server nginx vary Accept-Encoding
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	153ms 152ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=017ac353-8275-47b8-8a6a-9887f585b9cd&session=ee3be609-d926-42d2-8eea-4f92eaf1eed0&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2001%20Oct%202024%2015%3A17%3A18%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2001%20Oct%202024%2015%3A17%3A17%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22An%20in-depth%20look%20at%20the%20most%20prevalent%20cybersecurity%20threats%2C%20MITRE%20ATT%26CK%C2%AE%20techniques%2C%20and%20identity%20trends%20for%20the%20first%20half%20of%202024%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&pageViewId=9d505d60-5022-48db-8afc-b68d7deeee67&an_uid=8961757327745448092&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3A1b60%3A1010%3A2%3A1011%3A119%3Abadd%3A486b&v=1.1.28 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=0, no-cache, no-store etag "63f020a0-2b" pragma no-cache x-content-type-options nosniff expires Tue, 01 Oct 2024 15:17:18 GMT accept-ranges bytes content-length 43 date Tue, 01 Oct 2024 15:17:18 GMT content-type image/gif last-modified Sat, 18 Feb 2023 00:49:36 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 258 B	119ms 119ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=017ac353-8275-47b8-8a6a-9887f585b9cd&session=ee3be609-d926-42d2-8eea-4f92eaf1eed0&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2001%20Oct%202024%2015%3A17%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2001%20Oct%202024%2015%3A17%3A18%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223004%22%7D&isIframe=false&m=%7B%22description%22%3A%22An%20in-depth%20look%20at%20the%20most%20prevalent%20cybersecurity%20threats%2C%20MITRE%20ATT%26CK%C2%AE%20techniques%2C%20and%20identity%20trends%20for%20the%20first%20half%20of%202024%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&pageViewId=9d505d60-5022-48db-8afc-b68d7deeee67&an_uid=8961757327745448092&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3A1b60%3A1010%3A2%3A1011%3A119%3Abadd%3A486b&v=1.1.28 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=0, no-cache, no-store etag "60bb2e15-2b" pragma no-cache x-content-type-options nosniff expires Tue, 01 Oct 2024 15:17:19 GMT accept-ranges bytes content-length 43 date Tue, 01 Oct 2024 15:17:19 GMT content-type image/gif last-modified Sat, 05 Jun 2021 07:56:05 GMT server nginx/1.14.0 (Ubuntu)
GET H2	200	img.gif b.6sc.co/v1/beacon/	43 B 257 B	135ms 134ms	Image image/gif	2.17.100.184 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=017ac353-8275-47b8-8a6a-9887f585b9cd&session=ee3be609-d926-42d2-8eea-4f92eaf1eed0&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2001%20Oct%202024%2015%3A17%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2001%20Oct%202024%2015%3A17%3A19%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224005%22%7D&isIframe=false&m=%7B%22description%22%3A%22An%20in-depth%20look%20at%20the%20most%20prevalent%20cybersecurity%20threats%2C%20MITRE%20ATT%26CK%C2%AE%20techniques%2C%20and%20identity%20trends%20for%20the%20first%20half%20of%202024%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&pageViewId=9d505d60-5022-48db-8afc-b68d7deeee67&an_uid=8961757327745448092&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3A1b60%3A1010%3A2%3A1011%3A119%3Abadd%3A486b&v=1.1.28 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.17.100.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-17-100-184.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://redcanary.com/ Response headers cache-control max-age=0, no-cache, no-store etag "5e502810-2b" pragma no-cache x-content-type-options nosniff expires Tue, 01 Oct 2024 15:17:20 GMT accept-ranges bytes content-length 43 date Tue, 01 Oct 2024 15:17:20 GMT content-type image/gif last-modified Fri, 21 Feb 2020 18:57:20 GMT server nginx/1.14.0 (Ubuntu)
GET		img.gif b.6sc.co/v1/beacon/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

redcanary.com

URL

blob:https://redcanary.com/59b88a12-4951-4b75-8d1e-3c3695d7b49a

Domain

redcanary.com

URL

blob:https://redcanary.com/d163e983-7742-47c8-8e42-ce58c5dfdec0

Domain

b.6sc.co

URL

https://b.6sc.co/v1/beacon/img.gif?token=565ffb1efc5e75f417d1fe1c2134f835&svisitor=null&visitor=017ac353-8275-47b8-8a6a-9887f585b9cd&session=ee3be609-d926-42d2-8eea-4f92eaf1eed0&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2001%20Oct%202024%2015%3A17%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2001%20Oct%202024%2015%3A17%3A20%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225005%22%7D&isIframe=false&m=%7B%22description%22%3A%22An%20in-depth%20look%20at%20the%20most%20prevalent%20cybersecurity%20threats%2C%20MITRE%20ATT%26CK%C2%AE%20techniques%2C%20and%20identity%20trends%20for%20the%20first%20half%20of%202024%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Threat%20Detection%20Report%20Midyear%20Update%20Introduction%20%7C%20Red%20Canary%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fredcanary.com%2Fthreat-detection-report%2Fmidyear-update%2F&pageViewId=9d505d60-5022-48db-8afc-b68d7deeee67&an_uid=8961757327745448092&webTagId=f3744a5e-342b-429c-9d2c-2c1b7b45310a&ipv6=2001%3A1b60%3A1010%3A2%3A1011%3A119%3Abadd%3A486b&v=1.1.28